Google Workspace
Connect your Google Workspace Account to Liberate
Google Admin
- Login to Google Workspaces as an Admin and bring up the Admin console https://admin.google.com/.
- Click on Apps and then click on Web and mobile apps
- Click on Add App and then choose Add custom SAML app
Name the app
Provide a name for the app (e.g. LiberateDemoProd) and a description. Click continue.
Download IDP Metadata
Download IDP metadata on the next screen. The download file is likely to be called GoogleIDPMetadata.xml. Once you download the metadata file, send it to the Liberate engineering team. Click next.
ACS URL and Entity ID
Two important configuration items are required here:
ACS URL (redirect URL)
Enter the ACS URL that was provided by the Liberate engineering team. This URL will be in the format https://demo-tenant.auth.us-west-2.amazoncognito.com/saml2/idpresponse, for example.
Entity ID
Enter the Entity ID that was provided by the Liberate engineering team. The Entity ID will be in the format urn:amazon:cognito:sp:your-user-pool-id.
Once you enter the ACS URL and Entity ID, click continue.
Here is an example screen capture:
Attribute Mapping
- First, choose Google Directory Attribute Primary email and map it to email
- Next, map “Last name” to “family_name” and “First name” to “given_name”
After you enter the attributes, click save.
Here's a screen capture showing attribute mapping:
Turn on User Access
Finally, turn on User Access for everyone, or a smaller subset of people. Here's a screen capture showing the summary:
Thats it! Make sure you send the metadata file to the Liberate engineering team. Once the metadata file is received, the Liberate engineering team will finalize the SSO configuration and you will be able to login with your Google credentials.
Updated 9 months ago